Important
For Crypto Wallet related audits / pentests / security reviews, reach out to Valkyri
💼 Curated list of Wallet Security resources
Most wallet web/app/extensions/contracts suffer from bugs or misconfigurations. So the security is of utmost importance. The crypto wallets holds billions of dollars. So the potential to lose such a huge chunk of financial assets is never worth more than an audit🥂
- Blogs
- Courses
- Checklists
- Wallet Web Audit Reports
- Wallet Android App Audit Reports
- Wallet iOS App Audit Reports
- Tools
- How to Hack a Web3 Wallet (Legally): A Full-Stack Pentesting Guide by Valkyri
- Crypto Wallet Security by security engineers
- Crypto Wallet Security for developers
- Wallet Security Writeups by Slowmist
- 0day Wallet can leak the users private key by ExvulSec
- Wallet Draining issues by Coinspect
- Fuelet Wallet Password Replacement Attack Report by ExvulSec
Note: These courses are meant for users who are using crypto wallets for any operations, and is highly recommended
- Wallet Security Basics by Cyfrin Updraft
- Advanced Wallet Security by Cyfrin Updraft
- Crypto Security 101 : Mini Course by Chainaware
- BlockApex - Mobile, Desktop, Extension, Web
- Certik - Mobile, Web, Extension, Desktop
- Slowmist - Extension, Mobile & Desktop, Hardware, Web3 MCP
- Slowmist - Account Abstraction Wallet (on-chain)
- Anatha Wallet Report by Halborn
- AVAX Wallet Audit Report by Halborn
- SUI WebApp Wallet Report by Halborn
- Vital Wallet Audit Report by Hacken
- Pontem Wallet Audit Report by Zellic
- Tesa Wallet Audit Report by ExvulSec
- Cypher Wallet Audit Report by OakSecurity
- TronLink Wallet Audit Report by Slowmist
- Chainsafer Front-end Audit Report by Slowmist
- Frontier Wallet Audit Report by Slowmist
- Termix MCP Wallet Audit Report by Slowmist
- SUI Web Extension Wallet Report by MystenLabs
- ZEAL Wallet Audit Report by Zeal Security
- Earth Wallet Audit Report by Halborn
- 77Wallet Audit Report by Slowmist
- Sender Wallet Audit Report by Slowmist
- Make Casper Wallet Audit Report by Slowmist
- TronLink Wallet Audit Report by Slowmist
- Rabby Wallet Audit Report by Slowmist
- Flooz Wallet Audit Report by SigmaPrime
- Earth Wallet Audit Report by Slowmist
- Make Casper Audit Report by Halborn
- Sender Wallet Audit Report by Slowmist
- Assure Wallet Audit Report by Slowmist
- Rabby Wallet Audit Report by Slowmist
- Ambire Wallet Audit Report by Shieldify
- HotWallet Audit Report by Hacken
- Coinbase Smart Wallet Audit Report by Certora
- Coinbase Smart Wallet Audit Report by Cantina
- BLS Wallet Audit Report by SigmaPrime
- Dapper Wallet Audit Report by SigmaPrime
- Fantom MultiSig Wallet Audit Report by SigmaPrime
- Wallet Guard : Wallet Guard is a suite of security tools which include real time alerting, malicious extension detection, a personal security dashboard, and soon transaction simulations to navigate web3 safely
- Gatekeep : Anti-theft system for crypto wallets. Intercepts malicious transactions before they process on chain
- Revoke Cash : Take Back Control of Your Wallet
- Blowfish : Blowfish is a risk-assessment tool for Web3 wallets
- PocketUniverse : Pocket Universe is a free browser extension that keeps assets safe when you sign web3 transactions.
- Blockaid : Protect users against fraud, scams, phishing, and hacks
- Solsniffer : Advanced token sniffer and wallet portfolio tracker on Solana for secure trading analysis.
- Cobo Argus : Cobo Argus addresses the complexity faced by Safe{Wallet} users in DeFi operations, which require multiple signatures. It introduces a single-signature module for better risk control and role delegation, simplifying team operations.